Description

DSFederal is seeking a qualified Information Assurance Analyst (IAM II) to support a defense logistics information technology program. This program is responsible for sustaining and modernizing a family of logistics and supply chain management systems and applications. This position requires a motivated team player with a detail-driven personality that works well supporting a diverse staff across multiple functional areas and locations. This position will work with both government and contractor staff. Individuals must be able to collaborate, present, and disseminate technical and non-technical information to peers, customers, and external agencies as required.

Requirements

· Six (6) years of information assurance/cybersecurity experience with military automated information systems and information technology. Working knowledge of the Risk Management Framework (RMF) for Information Technology. 

· Support cybersecurity tasks for program applications, components, and sub-components.

· Assist with tracking, updating, and coordinating information related to Change Requests as they impact cybersecurity activities.

· Follow cybersecurity processes and procedures under DoD to protect US Government sensitive information.

· Update cybersecurity documentation in accordance with DOD policy and instruction as required by the ISSM and upload that documentation to a location identified by the ISSM where it is accessible to authorized individuals. 

· Verify and validate that security updates and patches are tested and applied to software and operating systems. 

· Review information assurance vulnerability management (IAVMs), communications tasking orders (CTOs), operational directives (OPDIRs), vulnerability alerts, and vendor notifications to determine applicability to systems and to assess the impact and provide assessment to the ISSM.

· Track, report status, and provide remediation suggestions for identified vulnerabilities. 

· Participate in cybersecurity discussions and vulnerability assessment scan reviews and provide technical guidance and solutions implementing cybersecurity best practices which will increase the security of the system and mitigate or eliminate vulnerabilities. Generate, review, and update cybersecurity documentation as required by risk management framework (RMF) processes. 

· Support all activities required for maintaining the authority to operate (ATO) and Federal Information Security Management Act (FISMA) compliances. These activities include, but are not limited to, Annual Security Reviews, Annual Security Control testing, Annual Contingency Plan testing, and quarterly update and submission of a quarterly Plan of Action and Milestones (POA&M). 

· Support cyber readiness inspections (CRI) and IV&V events as required. This includes but is not limited to; reviewing and updating systems security documentation, performing pre-assessment scans, analyzing vulnerability scan results, analyzing and updating configuration documentation, evaluating STIGs, evaluating test results, preparing and reviewing POA&Ms, and providing remediation options for vulnerabilities. All vulnerabilities shall be identified in the Security POA&M.

Technical Skills Required

· Knowledge of DoD cybersecurity processes and procedures

· Firm Knowledge of common cybersecurity threats, vulnerabilities, and attack vectors, including malware, phishing, social engineering, and network attacks.

· Familiarity with security tools and technologies, such as firewalls, intrusion detection/prevention systems, antivirus software, and vulnerability scanners

· Strong analytical and problem-solving skills to identify security risks, analyze logs and security events, and propose effective solutions.

· Excellent communication and interpersonal skills to collaborate with teams, and educate users on security best practices, and provide clear and concise reports and documentation.

Education Required

· High school diploma is required 

· Associates degree is preferred 

Clearance

· Public Trust clearance or higher is Required
Certifications Required 

· Security is Required AND

At least one of the following is also Required:

· Certified Information Systems Security Professional (CISSP) 

· Certified Information Security Manager (CISM) 

· Certified Authorization Professional (CAP) 

· CompTIA Advanced Security Practitioner (CASP ) 

· GIAC Security Leadership Certificate (GSLC) 

· Certified Chief Information Security Officer (CCISO) 

· Healthcare Information Security & Privacy Practitioner (HCISPP) 

Who We Are: 

DSFederal is a leader in health IT and data analytics that delivers innovative solutions to improve healthcare delivery and address critical challenges, including cancer surveillance, HIV/AIDS, maternal and child health, and COVID-19 emergency response. Our highly experienced professionals serve over 50 different federal clients on over 80 projects. Our people are united by one mission – to improve human life through transformative solutions. www.dsfederal.com. 

What We Can Offer You: 

DSFederal attracts the best people in the business with our competitive benefits package that includes medical, dental and vision coverage, 401k plan with employer contribution, paid holidays, vacation, and more. If you enjoy being a part of a high-performing, professional services, and technology-focused organization, we encourage you to apply! 

Our Mission: Improve human life through transformative solutions. 

Our Core Values: Integrity, People First, Disciplined Business Practices, Customer Centric, Value Creation 

EEO Statement: DS Federal is an Equal Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, or protected veteran status. 

E-Verify Statement 

DS Federal utilizes the E-Verify program for every potential new hire. This makes it possible for us to confirm that every employee who works for DS Federal is eligible to work in the United States. To learn more about E-Verify you can call 1-800-255-7688 or visit their website by clicking the logo below. E-Verify® is a registered trademark of the United States Department of Homeland Security.